Version 3.6

Author: root

BappDescription.html

@@ -14,4 +14,3 @@
 
 
 <p>* If you need more power, I invite you to try the new <b>Burp Bounty Pro</b>, which gives you more power and automation during your manual pentests.</p>
-

CHANGELOG.md

@@ -1,11 +1,15 @@
 ##  Changelog
+**3.6.0 20201005**
+* Fixed bug with Match And Replace
+* Fixed bug with content-type detection
+* Fixed regex bug that contains commas
+
 **3.5.0 20201001**
 * Fixed bug with Payload and Payload without encode match type 
 * Changed the default directory from user.dir to user.home
 * Added <payload> and <grep> variables for printing issue details in Advisory.
 * Fixed regex grep case sensitive
 * Better redirection performance
-* Fixed bug with Match And Replace
 
 
 **3.4.0 20200621**

README.md

@@ -27,7 +27,7 @@ Download releases:
 
 ## Profiles
 
-* Thanks to [Six2dez1](https://twitter.com/Six2dez1) for collect all of the Burp Bounty profiles and also share their own. You can find the collection [HERE](https://github.com/wagiro/BurpBounty/tree/master/profiles/)
+* Thanks to [Six2dez1](https://github.com/six2dez) for collect all of the Burp Bounty profiles and also share their own. You can find the collection [HERE](https://github.com/wagiro/BurpBounty/tree/master/profiles/)
 
 * Also thanks to: 
 
@@ -53,3 +53,9 @@ All of them have contributed by sharing their Burp Bounty profiles
 
 
 <br/>
+
+
+## Special Thanks
+
+* Thanks to [Nexsus](https://twitter.com/Nexsus1985) for helping me to detect errors in the extension and thus be able to solve them.
+

src/ActiveProfile.java

@@ -187,9 +187,9 @@ public void loadGrepsFile(DefaultTableModel model) {
                 bufferreader.close();
                 showGreps(grep);
             } catch (FileNotFoundException ex) {
-                callbacks.printError("ActivePorfile line 213:" + ex.getMessage());
+                callbacks.printError("ActiveProfile line 213:" + ex.getMessage());
             } catch (IOException ex) {
-                callbacks.printError("ActivePorfile line 215:" + ex.getMessage());
+                callbacks.printError("ActiveProfile line 215:" + ex.getMessage());
             }
         }
     }

src/BurpBountyExtension.java

@@ -81,7 +81,7 @@ public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
             optionsTab.getVerticalScrollBar().setUnitIncrement(20);
             callbacks.addSuiteTab(this);
 
-            callbacks.printOutput("- Burp Bounty v3.5");
+            callbacks.printOutput("- Burp Bounty v3.6");
             callbacks.printOutput("- For bugs please on the official github: https://github.com/wagiro/BurpBounty/");
             callbacks.printOutput("- Created by Eduardo Garcia Melia <wagiro@gmail.com>");
 
@@ -242,7 +242,7 @@ public int consolidateDuplicateIssues(IScanIssue existingIssue, IScanIssue newIs
 
     @Override
     public String getTabCaption() {
-        return "Scan Check Builder";
+        return "Burp Bounty";
     }
 
     @Override

src/BurpBountyGui.form

@@ -122,7 +122,7 @@
   <Layout>
     <DimensionLayout dim="0">
       <Group type="103" groupAlignment="0" attributes="0">
-          <Component id="jTabbedPane2" alignment="0" pref="1140" max="32767" attributes="0"/>
+          <Component id="jTabbedPane2" alignment="0" max="32767" attributes="0"/>
       </Group>
     </DimensionLayout>
     <DimensionLayout dim="1">
@@ -871,7 +871,7 @@
                 <Property name="foreground" type="java.awt.Color" editor="org.netbeans.beaninfo.editors.ColorEditor">
                   <Color blue="33" green="66" red="ff" type="rgb"/>
                 </Property>
-                <Property name="text" type="java.lang.String" value="&lt;html&gt;Burp Bounty version 3.5&lt;/html&gt;"/>
+                <Property name="text" type="java.lang.String" value="&lt;html&gt;Burp Bounty version 3.6&lt;/html&gt;"/>
               </Properties>
             </Component>
             <Component class="javax.swing.JLabel" name="jLabel7">

src/BurpBountyGui.java

@@ -2797,7 +2797,7 @@ public void mouseClicked(java.awt.event.MouseEvent evt) {
 
         jLabel6.setFont(new java.awt.Font("Tahoma", 1, 18)); // NOI18N
         jLabel6.setForeground(new java.awt.Color(255, 102, 51));
-        jLabel6.setText("<html>Burp Bounty version 3.5</html>");
+        jLabel6.setText("<html>Burp Bounty version 3.6</html>");
 
         jLabel7.setFont(new java.awt.Font("Tahoma", 1, 18)); // NOI18N
         jLabel7.setForeground(new java.awt.Color(255, 102, 51));
@@ -2850,7 +2850,7 @@ public void mouseClicked(java.awt.event.MouseEvent evt) {
         this.setLayout(layout);
         layout.setHorizontalGroup(
             layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
-            .addComponent(jTabbedPane2, javax.swing.GroupLayout.DEFAULT_SIZE, 1140, Short.MAX_VALUE)
+            .addComponent(jTabbedPane2)
         );
         layout.setVerticalGroup(
             layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)

src/GenericScan.java

@@ -416,11 +416,9 @@ public List<IScanIssue> runAScan(IHttpRequestResponse baseRequestResponse, IScan
                         for (int index = 0; index < greps.size(); index++) {
                             greps_final.add(new ArrayList());
                         }
-                        
-                        
 
                         for (String grep : greps) {
-                            String[] tokens = grep.split(",",3);
+                            String[] tokens = grep.split(",", 3);
                             if (tokens[0].equals("true")) {
                                 if (tokens[1].equals("Or")) {
                                     if (!tokens[2].equals("")) {
@@ -568,7 +566,7 @@ public List<IScanIssue> runResPScan(IHttpRequestResponse baseRequestResponse, Js
                     break;
                 }
 
-                String[] tokens = grep.split(",",3);
+                String[] tokens = grep.split(",", 3);
 
                 if (tokens.length > 1) {
                     if (tokens[0].equals("true")) {
@@ -642,7 +640,7 @@ public List<IScanIssue> runReqPScan(IHttpRequestResponse baseRequestResponse, Js
 
             for (String grep : greps) {
 
-                String[] tokens = grep.split(",",5);
+                String[] tokens = grep.split(",", 5);
 
                 if (tokens.length > 1) {
                     if (tokens[0].equals("true")) {
@@ -761,7 +759,7 @@ public URL getLocation(IHttpService httpService, IHttpRequestResponse response)
             } else if (Location.startsWith("/")) {
                 url = new URL(httpService.getProtocol() + "://" + httpService.getHost() + Location);
                 return url;
-            } else{
+            } else {
                 url = new URL(httpService.getProtocol() + "://" + httpService.getHost() + "/" + Location);
                 return url;
             }
@@ -771,7 +769,7 @@ public URL getLocation(IHttpService httpService, IHttpRequestResponse response)
         }
     }
 
-public byte[] getMatchAndReplace(List<Headers> headers, byte[] checkRequest, String payload, String bchost) {
+    public byte[] getMatchAndReplace(List<Headers> headers, byte[] checkRequest, String payload, String bchost) {
         String tempRequest = helpers.bytesToString(checkRequest);
 
         if (!headers.isEmpty()) {
@@ -815,6 +813,7 @@ public int getContentLength(IHttpRequestResponse response) {
         try {
             response_info = helpers.analyzeResponse(response.getResponse());
         } catch (NullPointerException ex) {
+            callbacks.printError("GenericScan line 1279: " + ex.getMessage());
             return 0;
         }
 

src/GrepMatch.java

@@ -88,7 +88,7 @@ public IScanIssue getResponseMatches(IHttpRequestResponse requestResponse, Strin
                         m = p.matcher(responseString);
                     }
                 } catch (PatternSyntaxException pse) {
-                    callbacks.printError("GrepMacth line 93 Incorrect regex: " + pse.getPattern());
+                    callbacks.printError("Grep Match line 93 Incorrect regex: " + pse.getPattern());
                     return null;
                 }
 
@@ -222,7 +222,7 @@ public Object[] getRequestMatches(IHttpRequestResponse requestResponse, List<Str
                 try {
                     p = Pattern.compile(grep, Pattern.CASE_INSENSITIVE);
                 } catch (PatternSyntaxException pse) {
-                    callbacks.printError("Grep Macth line 251 Incorrect regex: " + pse.getPattern());
+                    callbacks.printError("Grep Match line 251 Incorrect regex: " + pse.getPattern());
                     return null;
                 }
 
@@ -238,7 +238,7 @@ public Object[] getRequestMatches(IHttpRequestResponse requestResponse, List<Str
                     p = Pattern.compile(grep, Pattern.CASE_INSENSITIVE);
                     m = p.matcher(helpers.bytesToString(requestResponse.getRequest()));
                 } catch (PatternSyntaxException pse) {
-                    callbacks.printError("Grep Macth line 251 Incorrect regex: " + pse.getPattern());
+                    callbacks.printError("Grep Match line 251 Incorrect regex: " + pse.getPattern());
                     return null;
                 }